CVE-2014-6906
The CVE-2014-6906 entry concerns the Android app Loli Chocolate Cake (com.alison.kang.chocolatecake) 1.0.0, which does not verify X.509 certificates from SSL servers. This allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. According to ...